1. If you limit connections per minute from all hosts, legitimate traffic could be blocked - Right?
2. We're not sure if the traffic condition we're trying to prevent actually produces individual connections (I've got the connection rate limit rule in test mode now, so we should get some info that way) - The web server guy says the problem is characterized by 100s or more GET requests from a specific IP address. Is one of the rule types capable of identifying a rate of GETs from a specific IP?
(I'll be looking at the rules, but if anyone can put me on the right track, I'd appreciate it...)
I read the default rule as blocking connections - I think I've seen multiple GETs in a single stream, and I was understanding "connection" to be synonymous with stream. If a host could pound you with GETs in a single connection, it seemed you'd need some other rule type.
It's not one of ours - It's from outside, and the behaviour hops all over IP addresses, from Eastern Europe, Asia, Australia, etc.
Anyway, seems you are saying that if the GETs are coming fast and furious, there will also be connections coming fast and furious, so connection rate limit will help. Right?
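The difference between counting connections and counting GETs per source IP, raised in the posts above, can be checked against web server logs. The following is an added example, not part of the original thread: the record layout `(epoch_seconds, src_ip, conn_id, method)`, the thresholds and the sample data are all constructed assumptions.

```python
from collections import defaultdict

def per_minute_rates(records):
    """records: iterable of (epoch_seconds, src_ip, conn_id, method).
    Returns {(src_ip, minute): {"connections": n, "gets": m}}."""
    conns = defaultdict(set)   # distinct connection ids per (ip, minute)
    gets = defaultdict(int)    # GET requests per (ip, minute)
    for ts, ip, conn_id, method in records:
        key = (ip, int(ts) // 60)
        conns[key].add(conn_id)
        if method == "GET":
            gets[key] += 1
    return {k: {"connections": len(conns[k]), "gets": gets[k]} for k in conns}

def flag(records, max_conns=20, max_gets=100):
    """Return {src_ip: set of reasons} for hosts over either per-minute limit.
    The limits are illustrative assumptions, not values from the thread."""
    flagged = {}
    for (ip, _minute), rate in per_minute_rates(records).items():
        reasons = set()
        if rate["connections"] > max_conns:
            reasons.add("connection-rate")
        if rate["gets"] > max_gets:
            reasons.add("get-rate")
        if reasons:
            flagged.setdefault(ip, set()).update(reasons)
    return flagged

def sample_records():
    """Constructed sample data (documentation IP ranges), all in one minute."""
    recs = []
    # 300 GETs pipelined over only 2 keep-alive connections
    for i in range(300):
        recs.append((600 + i * 0.2, "198.51.100.7", f"a{i % 2}", "GET"))
    # 40 new connections, one GET each
    for i in range(40):
        recs.append((600 + i, "203.0.113.9", f"b{i}", "GET"))
    # Ordinary browser: 12 GETs over 3 connections
    for i in range(12):
        recs.append((600 + i * 4, "192.0.2.10", f"c{i % 3}", "GET"))
    return recs

if __name__ == "__main__":
    for ip, reasons in sorted(flag(sample_records()).items()):
        print(ip, sorted(reasons))
```

In the constructed data, the host that reuses two connections stays under the connection limit and is caught only by the per-IP GET count, which is the case a connection rate limit alone would miss.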